package com.mgg.gateway.config;

import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;


@Configuration
@EnableResourceServer
public class ResourceServerConfig extends ResourceServerConfigurerAdapter{
	
	@Override
	public void configure(HttpSecurity http) throws Exception {
		http
		.authorizeRequests()
		.antMatchers ("/mgg/sso/**",
				"/mgg/goods/**",
				"/mgg/activity/**",
				"/mgg/app/**",
				"/mgg/user/shop/info/**",
				"/mgg/user/act/**",
				"/mgg/user/register/**",
				"/mgg/user/store/near",
				"/mgg/user/store/search",
				"/mgg/pay/**/notify",
				"/mgg/pay/**/h5notify",
				"/mgg/pay/weixin/hnotify",
				"/mgg/pay/sendOrderToWms",
				"/mgg/pay/refund",
				"/mgg/order/do/**")
				.permitAll()
		.anyRequest()
		.authenticated()
		.and().csrf().disable();
	}
}
